Hi Marek, On Tue, May 06, 2025 at 02:01:48PM +0200, Marek Marczykowski-Górecki wrote: > On Wed, Apr 30, 2025 at 06:10:04PM +0200, Salvatore Bonaccorso wrote: > > Hi Santiago, > > > > On Tue, Apr 29, 2025 at 11:56:51PM -0300, Santiago Ruano Rincón wrote: > > > Hello all, > > > > > > (And sorry, I realise now that I should had put the security team and > > > Xen maintainers more in the loop at some point.) > > > > > > This is something that we had tried to do for Xen 4.14 > > > (https://bugs.debian.org/1053246), but we failed to find an external > > > party able to help. > > > The full announcement can be found at > > > https://www.freexian.com/blog/xen-4.17-lts/, and for completeness, you > > > can have the main part of it here below: > > > > Thanks for the heads-up on it, that means we won't need to EOL src:xen > > then accordingly and expect as long as src:xen is maintained in the > > stable release before passing over to LTS maintenance that we see thus > > prepared updates for XSA's accordingly from LTS contributors, right? > > > > Is there a (or multiple) dedicated LTS contributors familiar with xen > > which will propose those updates? To whom will the security-team be > > able to reach out if a xen update will warrant a DSA or potentially > > still be fine to be updates via a bookworm point release? > > In practice in most cases it will be me (and in rare cases Simon Gaiser > <si...@invisiblethingslab.com>). None of us are Debian Developers, but > we have experience with maintaining deb packages, and obviously with Xen > itself.
Perfect, thanks a lot for the confirmation! Regards, Salvatore
